@opensaas/stack-auth 0.20.1 → 0.22.0

package/dist/config/adopt-better-auth-tables.d.ts

@@ -0,0 +1,107 @@
+/**
+ * "Adopt existing better-auth tables" recipe.
+ *
+ * A migrating project usually already has a working, hand-wired better-auth
+ * installation: its tables are `AuthUser`/`AuthSession`/`AuthAccount`/
+ * `AuthVerification`, mapped into a separate `auth` Postgres schema, and its
+ * application `User` (`public.User`) is a *different* model. Reconstructing the
+ * matching {@link AuthConfig} by hand — four `modelName`s plus a `schema` on each
+ * model — is repetitive and easy to get wrong.
+ *
+ * {@link adoptBetterAuthTables} produces that {@link AuthConfig} fragment from a
+ * couple of options so the migrator doesn't rebuild it from scratch. It only
+ * sets the *adoption* knobs (per-model `modelName` + the plugin-level `schema`);
+ * the developer composes it with the rest of their auth config (providers,
+ * session fields, `extendUserList`, etc.):
+ *
+ * ```typescript
+ * authPlugin({
+ *   ...adoptBetterAuthTables(),
+ *   emailAndPassword: { enabled: true },
+ *   sessionFields: ['userId', 'email', 'name'],
+ * })
+ * ```
+ *
+ * Combined with the keys/field derivation (`deriveAuthLists`) and schema
+ * placement, the generated Auth lists reach **Schema parity** with the live
+ * tables — they are modelled for runtime/types without producing a destructive
+ * auth migration. The recipe never touches the application's own domain `User`:
+ * its model names are `Auth`-prefixed by default and the plugin only ever
+ * adds/extends its *derived* keys.
+ */
+import type { AuthConfig } from './types.js';
+/**
+ * Options for {@link adoptBetterAuthTables}.
+ *
+ * All options are optional and default to the conventions of a standard
+ * separate-schema better-auth install (an `auth` Postgres schema with
+ * `Auth`-prefixed model names).
+ */
+export type AdoptBetterAuthTablesOptions = {
+    /**
+     * The Postgres schema the live better-auth tables live in.
+     *
+     * Applied as the plugin-level {@link AuthConfig.schema}, placing every Auth
+     * list in this schema via `@@schema(...)`. Pass `'public'` (or any single
+     * schema) for an install that is not on a separate schema; pass an explicit
+     * value to match your layout.
+     *
+     * @default 'auth'
+     */
+    schema?: string;
+    /**
+     * Prefix applied to each better-auth model name to derive the list key /
+     * table name (e.g. prefix `'Auth'` → `AuthUser`/`AuthSession`/...).
+     *
+     * A live better-auth install with `modelName: 'AuthUser'` etc. is the common
+     * case; override this if your tables use a different prefix. Set to `''` to
+     * keep the default better-auth names (`User`/`Session`/...) — but note that an
+     * unprefixed `User` will share the app's `User` key, so prefer a prefix when
+     * your domain `User` is a separate model (see {@link AuthConfig.user}).
+     *
+     * @default 'Auth'
+     */
+    modelNamePrefix?: string;
+    /**
+     * Per-model better-auth field → column maps, keyed by model.
+     *
+     * Only needed when your live tables renamed columns away from the better-auth
+     * defaults (e.g. `name → full_name`). Merged into the matching model config so
+     * the derived field-level `@map`s match your live columns.
+     *
+     * @example
+     * ```typescript
+     * adoptBetterAuthTables({
+     *   fields: {
+     *     user: { name: 'full_name' },
+     *     session: { userId: 'user_id' },
+     *   },
+     * })
+     * ```
+     */
+    fields?: {
+        user?: Record<string, string>;
+        session?: Record<string, string>;
+        account?: Record<string, string>;
+        verification?: Record<string, string>;
+    };
+};
+/**
+ * The adoption-relevant slice of {@link AuthConfig}: the plugin-level `schema`
+ * and the per-model `modelName`/`fields`. Returned (not the full `AuthConfig`)
+ * so it spreads cleanly into the developer's own `authPlugin` config.
+ */
+export type AdoptBetterAuthTablesConfig = Pick<AuthConfig, 'schema' | 'user' | 'session' | 'account' | 'verification'>;
+/**
+ * Build the adoption {@link AuthConfig} fragment for a pre-existing better-auth
+ * installation.
+ *
+ * Returns only the model/schema knobs needed to adopt the live tables; spread it
+ * into {@link authPlugin} alongside your own auth config.
+ *
+ * @param options - Adoption conventions (schema, model-name prefix, column maps)
+ * @returns An {@link AuthConfig} fragment with `schema` + per-model `modelName`
+ *   (and any field column maps) set to match the live tables
+ */
+export declare function adoptBetterAuthTables(options?: AdoptBetterAuthTablesOptions): AdoptBetterAuthTablesConfig;
+//# sourceMappingURL=adopt-better-auth-tables.d.ts.map

package/dist/config/adopt-better-auth-tables.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"adopt-better-auth-tables.d.ts","sourceRoot":"","sources":["../../src/config/adopt-better-auth-tables.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAmB,MAAM,YAAY,CAAA;AAE7D;;;;;;GAMG;AACH,MAAM,MAAM,4BAA4B,GAAG;IACzC;;;;;;;;;OASG;IACH,MAAM,CAAC,EAAE,MAAM,CAAA;IAEf;;;;;;;;;;;OAWG;IACH,eAAe,CAAC,EAAE,MAAM,CAAA;IAExB;;;;;;;;;;;;;;;;OAgBG;IACH,MAAM,CAAC,EAAE;QACP,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;QAC7B,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;QAChC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;QAChC,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;KACtC,CAAA;CACF,CAAA;AAUD;;;;GAIG;AACH,MAAM,MAAM,2BAA2B,GAAG,IAAI,CAC5C,UAAU,EACV,QAAQ,GAAG,MAAM,GAAG,SAAS,GAAG,SAAS,GAAG,cAAc,CAC3D,CAAA;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,qBAAqB,CACnC,OAAO,GAAE,4BAAiC,GACzC,2BAA2B,CAqB7B"}

package/dist/config/adopt-better-auth-tables.js

@@ -0,0 +1,70 @@
+/**
+ * "Adopt existing better-auth tables" recipe.
+ *
+ * A migrating project usually already has a working, hand-wired better-auth
+ * installation: its tables are `AuthUser`/`AuthSession`/`AuthAccount`/
+ * `AuthVerification`, mapped into a separate `auth` Postgres schema, and its
+ * application `User` (`public.User`) is a *different* model. Reconstructing the
+ * matching {@link AuthConfig} by hand — four `modelName`s plus a `schema` on each
+ * model — is repetitive and easy to get wrong.
+ *
+ * {@link adoptBetterAuthTables} produces that {@link AuthConfig} fragment from a
+ * couple of options so the migrator doesn't rebuild it from scratch. It only
+ * sets the *adoption* knobs (per-model `modelName` + the plugin-level `schema`);
+ * the developer composes it with the rest of their auth config (providers,
+ * session fields, `extendUserList`, etc.):
+ *
+ * ```typescript
+ * authPlugin({
+ *   ...adoptBetterAuthTables(),
+ *   emailAndPassword: { enabled: true },
+ *   sessionFields: ['userId', 'email', 'name'],
+ * })
+ * ```
+ *
+ * Combined with the keys/field derivation (`deriveAuthLists`) and schema
+ * placement, the generated Auth lists reach **Schema parity** with the live
+ * tables — they are modelled for runtime/types without producing a destructive
+ * auth migration. The recipe never touches the application's own domain `User`:
+ * its model names are `Auth`-prefixed by default and the plugin only ever
+ * adds/extends its *derived* keys.
+ */
+/** The four better-auth models and their default (unprefixed) model names. */
+const MODEL_DEFAULT_NAMES = {
+    user: 'User',
+    session: 'Session',
+    account: 'Account',
+    verification: 'Verification',
+};
+/**
+ * Build the adoption {@link AuthConfig} fragment for a pre-existing better-auth
+ * installation.
+ *
+ * Returns only the model/schema knobs needed to adopt the live tables; spread it
+ * into {@link authPlugin} alongside your own auth config.
+ *
+ * @param options - Adoption conventions (schema, model-name prefix, column maps)
+ * @returns An {@link AuthConfig} fragment with `schema` + per-model `modelName`
+ *   (and any field column maps) set to match the live tables
+ */
+export function adoptBetterAuthTables(options = {}) {
+    const { schema = 'auth', modelNamePrefix = 'Auth', fields = {} } = options;
+    const buildModel = (model) => {
+        const config = {
+            modelName: `${modelNamePrefix}${MODEL_DEFAULT_NAMES[model]}`,
+        };
+        const fieldMap = fields[model];
+        if (fieldMap && Object.keys(fieldMap).length > 0) {
+            config.fields = fieldMap;
+        }
+        return config;
+    };
+    return {
+        schema,
+        user: buildModel('user'),
+        session: buildModel('session'),
+        account: buildModel('account'),
+        verification: buildModel('verification'),
+    };
+}
+//# sourceMappingURL=adopt-better-auth-tables.js.map

package/dist/config/adopt-better-auth-tables.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"adopt-better-auth-tables.js","sourceRoot":"","sources":["../../src/config/adopt-better-auth-tables.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AA+DH,8EAA8E;AAC9E,MAAM,mBAAmB,GAAG;IAC1B,IAAI,EAAE,MAAM;IACZ,OAAO,EAAE,SAAS;IAClB,OAAO,EAAE,SAAS;IAClB,YAAY,EAAE,cAAc;CACpB,CAAA;AAYV;;;;;;;;;;GAUG;AACH,MAAM,UAAU,qBAAqB,CACnC,UAAwC,EAAE;IAE1C,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,eAAe,GAAG,MAAM,EAAE,MAAM,GAAG,EAAE,EAAE,GAAG,OAAO,CAAA;IAE1E,MAAM,UAAU,GAAG,CAAC,KAAuC,EAAmB,EAAE;QAC9E,MAAM,MAAM,GAAoB;YAC9B,SAAS,EAAE,GAAG,eAAe,GAAG,mBAAmB,CAAC,KAAK,CAAC,EAAE;SAC7D,CAAA;QACD,MAAM,QAAQ,GAAG,MAAM,CAAC,KAAK,CAAC,CAAA;QAC9B,IAAI,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjD,MAAM,CAAC,MAAM,GAAG,QAAQ,CAAA;QAC1B,CAAC;QACD,OAAO,MAAM,CAAA;IACf,CAAC,CAAA;IAED,OAAO;QACL,MAAM;QACN,IAAI,EAAE,UAAU,CAAC,MAAM,CAAC;QACxB,OAAO,EAAE,UAAU,CAAC,SAAS,CAAC;QAC9B,OAAO,EAAE,UAAU,CAAC,SAAS,CAAC;QAC9B,YAAY,EAAE,UAAU,CAAC,cAAc,CAAC;KACzC,CAAA;AACH,CAAC"}

package/dist/config/derive-auth-lists.d.ts

@@ -0,0 +1,50 @@
+/**
+ * Pure `better-auth config → Auth lists` derivation.
+ *
+ * This module is intentionally free of side effects and plugin/runtime
+ * concerns: given the resolved better-auth model config (per-model `modelName`
+ * and `fields` column maps) plus any custom User fields, it produces the four
+ * OpenSaaS Auth lists (user/session/account/verification) with:
+ *
+ *  - list keys taken from each model's `modelName`
+ *  - a table `@@map` (list-level `db.map`) when the key differs from the
+ *    default better-auth model name
+ *  - field-level `@map` (`db.map`) for any better-auth field → column override
+ *  - relationship refs between the auth lists wired to the *derived* keys
+ *    (e.g. `Session.user → AuthUser.sessions`)
+ *
+ * When the developer supplies no `modelName`/`fields` overrides, the output is
+ * byte-for-byte the historical default set keyed `User`/`Session`/`Account`/
+ * `Verification` with the original field shapes — see the unit tests.
+ *
+ * `getAuthLists`/`convertBetterAuthSchema` (and the runtime user-key
+ * resolution) consume this module so derivation lives in exactly one place.
+ */
+import type { ListConfig } from '@opensaas/stack-core';
+import type { ExtendUserListConfig } from '../lists/index.js';
+import type { NormalizedAuthModels } from './types.js';
+/**
+ * The derived Auth list set together with the keys each list was placed under.
+ * Keys are surfaced separately so callers (plugin add-vs-extend logic, runtime
+ * user-key resolution) don't have to re-derive them.
+ */
+export type DerivedAuthLists = {
+    /** Derived list keys, one per better-auth model. */
+    keys: {
+        user: string;
+        session: string;
+        account: string;
+        verification: string;
+    };
+    /** The derived list configs, keyed by their derived list keys. */
+    lists: Record<string, ListConfig<any>>;
+};
+/**
+ * Derive the OpenSaaS Auth lists from the resolved better-auth model config.
+ *
+ * @param models - Resolved better-auth per-model config (modelName + field column maps)
+ * @param userConfig - Extra User-list fields/access/hooks supplied via `extendUserList`
+ * @returns The derived list keys and the four Auth list configs keyed by those keys
+ */
+export declare function deriveAuthLists(models: NormalizedAuthModels, userConfig?: ExtendUserListConfig): DerivedAuthLists;
+//# sourceMappingURL=derive-auth-lists.d.ts.map

package/dist/config/derive-auth-lists.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"derive-auth-lists.d.ts","sourceRoot":"","sources":["../../src/config/derive-auth-lists.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAIH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AACtD,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAA;AAC7D,OAAO,KAAK,EAA6B,oBAAoB,EAAE,MAAM,YAAY,CAAA;AAajF;;;;GAIG;AACH,MAAM,MAAM,gBAAgB,GAAG;IAC7B,oDAAoD;IACpD,IAAI,EAAE;QACJ,IAAI,EAAE,MAAM,CAAA;QACZ,OAAO,EAAE,MAAM,CAAA;QACf,OAAO,EAAE,MAAM,CAAA;QACf,YAAY,EAAE,MAAM,CAAA;KACrB,CAAA;IACD,kEAAkE;IAElE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,CAAA;CACvC,CAAA;AA+OD;;;;;;GAMG;AACH,wBAAgB,eAAe,CAC7B,MAAM,EAAE,oBAAoB,EAC5B,UAAU,GAAE,oBAAyB,GACpC,gBAAgB,CAiBlB"}

package/dist/config/derive-auth-lists.js

@@ -0,0 +1,274 @@
+/**
+ * Pure `better-auth config → Auth lists` derivation.
+ *
+ * This module is intentionally free of side effects and plugin/runtime
+ * concerns: given the resolved better-auth model config (per-model `modelName`
+ * and `fields` column maps) plus any custom User fields, it produces the four
+ * OpenSaaS Auth lists (user/session/account/verification) with:
+ *
+ *  - list keys taken from each model's `modelName`
+ *  - a table `@@map` (list-level `db.map`) when the key differs from the
+ *    default better-auth model name
+ *  - field-level `@map` (`db.map`) for any better-auth field → column override
+ *  - relationship refs between the auth lists wired to the *derived* keys
+ *    (e.g. `Session.user → AuthUser.sessions`)
+ *
+ * When the developer supplies no `modelName`/`fields` overrides, the output is
+ * byte-for-byte the historical default set keyed `User`/`Session`/`Account`/
+ * `Verification` with the original field shapes — see the unit tests.
+ *
+ * `getAuthLists`/`convertBetterAuthSchema` (and the runtime user-key
+ * resolution) consume this module so derivation lives in exactly one place.
+ */
+import { list } from '@opensaas/stack-core';
+import { text, timestamp, checkbox, relationship } from '@opensaas/stack-core/fields';
+/**
+ * Default better-auth model names — used to decide whether a `@@map` is needed
+ * (only when the configured `modelName` differs from the default).
+ */
+const DEFAULT_MODEL_NAMES = {
+    user: 'User',
+    session: 'Session',
+    account: 'Account',
+    verification: 'Verification',
+};
+/**
+ * Build the list-level `db` config (`timestamps` + `@@map` + `@@schema`) for a
+ * derived list.
+ *
+ * Always opts the list into auto-timestamps (`timestamps: true`). better-auth's
+ * adapter writes `createdAt`/`updatedAt` on every auth row and the schema
+ * converter returns `null` for those columns (it assumes the generator injects
+ * them). Now that auto-timestamps are OFF by default (ADR-0004), each derived
+ * Auth list must opt back in so the generated models keep those columns and
+ * better-auth keeps working.
+ *
+ * When the developer renames the model (e.g. `modelName: 'AuthUser'`), we also
+ * pin the physical table name to that model name via `@@map("AuthUser")` so the
+ * generated list adopts the developer's live table exactly. When a `schema` is
+ * configured (plugin-level or per-model), the list is placed in that Postgres
+ * schema via `@@schema(...)`.
+ *
+ * With no `modelName`/`schema` overrides we emit only `timestamps: true`,
+ * leaving the default `User`/`Session`/... table/schema output unchanged.
+ */
+function listDb(model, defaultModelName) {
+    const map = model.modelName !== defaultModelName ? model.modelName : undefined;
+    const schema = model.schema;
+    return {
+        timestamps: true,
+        ...(map !== undefined ? { map } : {}),
+        ...(schema !== undefined ? { schema } : {}),
+    };
+}
+/**
+ * Resolve the `db.map` (`@map` column override) for a better-auth field, or
+ * `undefined` when there is no override (so default output is unchanged).
+ *
+ * The field builders capture `options.db` in a closure when generating Prisma
+ * types, so the column map MUST be passed through the builder's `db` option
+ * rather than patched onto the returned field object.
+ */
+function fieldDb(fieldName, fields) {
+    const column = fields[fieldName];
+    return column ? { map: column } : undefined;
+}
+/**
+ * Build the foreign-key `db` config for a `user` relationship, honouring a
+ * `userId` column override from the better-auth `fields` map.
+ */
+function userForeignKeyDb(fields) {
+    const column = fields.userId;
+    return column ? { foreignKey: { map: column } } : undefined;
+}
+/**
+ * Create the Auth user list, applying derived field column maps + table map and
+ * wiring the session/account relationships to the derived keys.
+ */
+function createUserList(model, keys, userConfig) {
+    const f = model.fields;
+    return list({
+        fields: {
+            name: text({ validation: { isRequired: true }, db: fieldDb('name', f) }),
+            email: text({
+                validation: { isRequired: true },
+                isIndexed: 'unique',
+                db: fieldDb('email', f),
+            }),
+            emailVerified: checkbox({ defaultValue: false, db: fieldDb('emailVerified', f) }),
+            image: text({ db: fieldDb('image', f) }),
+            // Relationships to the other auth lists — refs follow the derived keys.
+            sessions: relationship({ ref: `${keys.session}.user`, many: true }),
+            accounts: relationship({ ref: `${keys.account}.user`, many: true }),
+            // Custom fields from user config
+            ...(userConfig.fields || {}),
+        },
+        db: listDb(model, DEFAULT_MODEL_NAMES.user),
+        access: userConfig.access || {
+            operation: {
+                query: () => true,
+                create: () => true,
+                update: ({ session, item }) => {
+                    if (!session)
+                        return false;
+                    const userId = session.userId;
+                    const itemId = item?.id;
+                    return userId === itemId;
+                },
+                delete: ({ session, item }) => {
+                    if (!session)
+                        return false;
+                    const userId = session.userId;
+                    const itemId = item?.id;
+                    return userId === itemId;
+                },
+            },
+        },
+        hooks: userConfig.hooks,
+    });
+}
+/**
+ * Create the Auth session list.
+ */
+function createSessionList(model, keys) {
+    const f = model.fields;
+    return list({
+        fields: {
+            token: text({
+                validation: { isRequired: true },
+                isIndexed: 'unique',
+                db: fieldDb('token', f),
+            }),
+            expiresAt: timestamp({ db: fieldDb('expiresAt', f) }),
+            ipAddress: text({ db: fieldDb('ipAddress', f) }),
+            userAgent: text({ db: fieldDb('userAgent', f) }),
+            user: relationship({
+                ref: `${keys.user}.sessions`,
+                db: userForeignKeyDb(f),
+            }),
+        },
+        db: listDb(model, DEFAULT_MODEL_NAMES.session),
+        access: {
+            operation: {
+                query: ({ session }) => {
+                    if (!session)
+                        return false;
+                    const userId = session.userId;
+                    if (!userId)
+                        return false;
+                    return {
+                        user: { id: { equals: userId } },
+                    };
+                },
+                create: () => true,
+                update: () => false,
+                delete: ({ session, item }) => {
+                    if (!session)
+                        return false;
+                    const userId = session.userId;
+                    const itemUserId = item?.user?.id;
+                    return userId === itemUserId;
+                },
+            },
+        },
+    });
+}
+/**
+ * Create the Auth account list.
+ */
+function createAccountList(model, keys) {
+    const f = model.fields;
+    return list({
+        fields: {
+            accountId: text({ validation: { isRequired: true }, db: fieldDb('accountId', f) }),
+            providerId: text({ validation: { isRequired: true }, db: fieldDb('providerId', f) }),
+            user: relationship({
+                ref: `${keys.user}.accounts`,
+                db: userForeignKeyDb(f),
+            }),
+            accessToken: text({ db: fieldDb('accessToken', f) }),
+            refreshToken: text({ db: fieldDb('refreshToken', f) }),
+            accessTokenExpiresAt: timestamp({ db: fieldDb('accessTokenExpiresAt', f) }),
+            refreshTokenExpiresAt: timestamp({ db: fieldDb('refreshTokenExpiresAt', f) }),
+            scope: text({ db: fieldDb('scope', f) }),
+            idToken: text({ db: fieldDb('idToken', f) }),
+            password: text({ db: fieldDb('password', f) }),
+        },
+        db: listDb(model, DEFAULT_MODEL_NAMES.account),
+        access: {
+            operation: {
+                query: ({ session }) => {
+                    if (!session)
+                        return false;
+                    const userId = session.userId;
+                    if (!userId)
+                        return false;
+                    return {
+                        user: { id: { equals: userId } },
+                    };
+                },
+                create: () => true,
+                update: ({ session, item }) => {
+                    if (!session)
+                        return false;
+                    const userId = session.userId;
+                    const itemUserId = item?.user?.id;
+                    return userId === itemUserId;
+                },
+                delete: ({ session, item }) => {
+                    if (!session)
+                        return false;
+                    const userId = session.userId;
+                    const itemUserId = item?.user?.id;
+                    return userId === itemUserId;
+                },
+            },
+        },
+    });
+}
+/**
+ * Create the Auth verification list.
+ */
+function createVerificationList(model) {
+    const f = model.fields;
+    return list({
+        fields: {
+            identifier: text({ validation: { isRequired: true }, db: fieldDb('identifier', f) }),
+            value: text({ validation: { isRequired: true }, db: fieldDb('value', f) }),
+            expiresAt: timestamp({ db: fieldDb('expiresAt', f) }),
+        },
+        db: listDb(model, DEFAULT_MODEL_NAMES.verification),
+        access: {
+            operation: {
+                query: () => false,
+                create: () => true,
+                update: () => false,
+                delete: () => true,
+            },
+        },
+    });
+}
+/**
+ * Derive the OpenSaaS Auth lists from the resolved better-auth model config.
+ *
+ * @param models - Resolved better-auth per-model config (modelName + field column maps)
+ * @param userConfig - Extra User-list fields/access/hooks supplied via `extendUserList`
+ * @returns The derived list keys and the four Auth list configs keyed by those keys
+ */
+export function deriveAuthLists(models, userConfig = {}) {
+    const keys = {
+        user: models.user.modelName,
+        session: models.session.modelName,
+        account: models.account.modelName,
+        verification: models.verification.modelName,
+    };
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any -- ListConfig must accept any TypeInfo
+    const lists = {
+        [keys.user]: createUserList(models.user, keys, userConfig),
+        [keys.session]: createSessionList(models.session, keys),
+        [keys.account]: createAccountList(models.account, keys),
+        [keys.verification]: createVerificationList(models.verification),
+    };
+    return { keys, lists };
+}
+//# sourceMappingURL=derive-auth-lists.js.map

package/dist/config/derive-auth-lists.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"derive-auth-lists.js","sourceRoot":"","sources":["../../src/config/derive-auth-lists.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,sBAAsB,CAAA;AAC3C,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAA;AAKrF;;;GAGG;AACH,MAAM,mBAAmB,GAAG;IAC1B,IAAI,EAAE,MAAM;IACZ,OAAO,EAAE,SAAS;IAClB,OAAO,EAAE,SAAS;IAClB,YAAY,EAAE,cAAc;CACpB,CAAA;AAoBV;;;;;;;;;;;;;;;;;;;GAmBG;AACH,SAAS,MAAM,CACb,KAAgC,EAChC,gBAAwB;IAExB,MAAM,GAAG,GAAG,KAAK,CAAC,SAAS,KAAK,gBAAgB,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAA;IAC9E,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAA;IAC3B,OAAO;QACL,UAAU,EAAE,IAAI;QAChB,GAAG,CAAC,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACrC,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC5C,CAAA;AACH,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,OAAO,CAAC,SAAiB,EAAE,MAA8B;IAChE,MAAM,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,CAAA;IAChC,OAAO,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,SAAS,CAAA;AAC7C,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB,CACvB,MAA8B;IAE9B,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAA;IAC5B,OAAO,MAAM,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAA;AAC7D,CAAC;AAED;;;GAGG;AACH,SAAS,cAAc,CACrB,KAAgC,EAChC,IAA8B,EAC9B,UAAgC;IAGhC,MAAM,CAAC,GAAG,KAAK,CAAC,MAAM,CAAA;IACtB,OAAO,IAAI,CAAC;QACV,MAAM,EAAE;YACN,IAAI,EAAE,IAAI,CAAC,EAAE,UAAU,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,CAAC;YACxE,KAAK,EAAE,IAAI,CAAC;gBACV,UAAU,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE;gBAChC,SAAS,EAAE,QAAQ;gBACnB,EAAE,EAAE,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC;aACxB,CAAC;YACF,aAAa,EAAE,QAAQ,CAAC,EAAE,YAAY,EAAE,KAAK,EAAE,EAAE,EAAE,OAAO,CAAC,eAAe,EAAE,CAAC,CAAC,EAAE,CAAC;YACjF,KAAK,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC;YAExC,wEAAwE;YACxE,QAAQ,EAAE,YAAY,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,OAAO,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;YACnE,QAAQ,EAAE,YAAY,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,OAAO,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;YAEnE,iCAAiC;YACjC,GAAG,CAAC,UAAU,CAAC,MAAM,IAAI,EAAE,CAAC;SAC7B;QACD,EAAE,EAAE,MAAM,CAAC,KAAK,EAAE,mBAAmB,CAAC,IAAI,CAAC;QAC3C,MAAM,EAAE,UAAU,CAAC,MAAM,IAAI;YAC3B,SAAS,EAAE;gBACT,KAAK,EAAE,GAAG,EAAE,CAAC,IAAI;gBACjB,MAAM,EAAE,GAAG,EAAE,CAAC,IAAI;gBAClB,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE;oBAC5B,IAAI,CAAC,OAAO;wBAAE,OAAO,KAAK,CAAA;oBAC1B,MAAM,MAAM,GAAI,OAA+B,CAAC,MAAM,CAAA;oBACtD,MAAM,MAAM,GAAI,IAAwB,EAAE,EAAE,CAAA;oBAC5C,OAAO,MAAM,KAAK,MAAM,CAAA;gBAC1B,CAAC;gBACD,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE;oBAC5B,IAAI,CAAC,OAAO;wBAAE,OAAO,KAAK,CAAA;oBAC1B,MAAM,MAAM,GAAI,OAA+B,CAAC,MAAM,CAAA;oBACtD,MAAM,MAAM,GAAI,IAAwB,EAAE,EAAE,CAAA;oBAC5C,OAAO,MAAM,KAAK,MAAM,CAAA;gBAC1B,CAAC;aACF;SACF;QACD,KAAK,EAAE,UAAU,CAAC,KAAK;KACxB,CAAC,CAAA;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CACxB,KAAgC,EAChC,IAA8B;IAG9B,MAAM,CAAC,GAAG,KAAK,CAAC,MAAM,CAAA;IACtB,OAAO,IAAI,CAAC;QACV,MAAM,EAAE;YACN,KAAK,EAAE,IAAI,CAAC;gBACV,UAAU,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE;gBAChC,SAAS,EAAE,QAAQ;gBACnB,EAAE,EAAE,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC;aACxB,CAAC;YACF,SAAS,EAAE,SAAS,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,CAAC;YACrD,SAAS,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,CAAC;YAChD,SAAS,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,CAAC;YAChD,IAAI,EAAE,YAAY,CAAC;gBACjB,GAAG,EAAE,GAAG,IAAI,CAAC,IAAI,WAAW;gBAC5B,EAAE,EAAE,gBAAgB,CAAC,CAAC,CAAC;aACxB,CAAC;SACH;QACD,EAAE,EAAE,MAAM,CAAC,KAAK,EAAE,mBAAmB,CAAC,OAAO,CAAC;QAC9C,MAAM,EAAE;YACN,SAAS,EAAE;gBACT,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE;oBACrB,IAAI,CAAC,OAAO;wBAAE,OAAO,KAAK,CAAA;oBAC1B,MAAM,MAAM,GAAI,OAA+B,CAAC,MAAM,CAAA;oBACtD,IAAI,CAAC,MAAM;wBAAE,OAAO,KAAK,CAAA;oBACzB,OAAO;wBACL,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE;qBACN,CAAA;gBAC9B,CAAC;gBACD,MAAM,EAAE,GAAG,EAAE,CAAC,IAAI;gBAClB,MAAM,EAAE,GAAG,EAAE,CAAC,KAAK;gBACnB,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE;oBAC5B,IAAI,CAAC,OAAO;wBAAE,OAAO,KAAK,CAAA;oBAC1B,MAAM,MAAM,GAAI,OAA+B,CAAC,MAAM,CAAA;oBACtD,MAAM,UAAU,GAAI,IAAmC,EAAE,IAAI,EAAE,EAAE,CAAA;oBACjE,OAAO,MAAM,KAAK,UAAU,CAAA;gBAC9B,CAAC;aACF;SACF;KACF,CAAC,CAAA;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CACxB,KAAgC,EAChC,IAA8B;IAG9B,MAAM,CAAC,GAAG,KAAK,CAAC,MAAM,CAAA;IACtB,OAAO,IAAI,CAAC;QACV,MAAM,EAAE;YACN,SAAS,EAAE,IAAI,CAAC,EAAE,UAAU,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,CAAC;YAClF,UAAU,EAAE,IAAI,CAAC,EAAE,UAAU,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,OAAO,CAAC,YAAY,EAAE,CAAC,CAAC,EAAE,CAAC;YACpF,IAAI,EAAE,YAAY,CAAC;gBACjB,GAAG,EAAE,GAAG,IAAI,CAAC,IAAI,WAAW;gBAC5B,EAAE,EAAE,gBAAgB,CAAC,CAAC,CAAC;aACxB,CAAC;YACF,WAAW,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC,EAAE,CAAC;YACpD,YAAY,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC,EAAE,CAAC;YACtD,oBAAoB,EAAE,SAAS,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,sBAAsB,EAAE,CAAC,CAAC,EAAE,CAAC;YAC3E,qBAAqB,EAAE,SAAS,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,uBAAuB,EAAE,CAAC,CAAC,EAAE,CAAC;YAC7E,KAAK,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC;YACxC,OAAO,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,CAAC;YAC5C,QAAQ,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC,EAAE,CAAC;SAC/C;QACD,EAAE,EAAE,MAAM,CAAC,KAAK,EAAE,mBAAmB,CAAC,OAAO,CAAC;QAC9C,MAAM,EAAE;YACN,SAAS,EAAE;gBACT,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE;oBACrB,IAAI,CAAC,OAAO;wBAAE,OAAO,KAAK,CAAA;oBAC1B,MAAM,MAAM,GAAI,OAA+B,CAAC,MAAM,CAAA;oBACtD,IAAI,CAAC,MAAM;wBAAE,OAAO,KAAK,CAAA;oBACzB,OAAO;wBACL,IAAI,EAAE,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE;qBACN,CAAA;gBAC9B,CAAC;gBACD,MAAM,EAAE,GAAG,EAAE,CAAC,IAAI;gBAClB,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE;oBAC5B,IAAI,CAAC,OAAO;wBAAE,OAAO,KAAK,CAAA;oBAC1B,MAAM,MAAM,GAAI,OAA+B,CAAC,MAAM,CAAA;oBACtD,MAAM,UAAU,GAAI,IAAmC,EAAE,IAAI,EAAE,EAAE,CAAA;oBACjE,OAAO,MAAM,KAAK,UAAU,CAAA;gBAC9B,CAAC;gBACD,MAAM,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE;oBAC5B,IAAI,CAAC,OAAO;wBAAE,OAAO,KAAK,CAAA;oBAC1B,MAAM,MAAM,GAAI,OAA+B,CAAC,MAAM,CAAA;oBACtD,MAAM,UAAU,GAAI,IAAmC,EAAE,IAAI,EAAE,EAAE,CAAA;oBACjE,OAAO,MAAM,KAAK,UAAU,CAAA;gBAC9B,CAAC;aACF;SACF;KACF,CAAC,CAAA;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,sBAAsB,CAC7B,KAAgC;IAGhC,MAAM,CAAC,GAAG,KAAK,CAAC,MAAM,CAAA;IACtB,OAAO,IAAI,CAAC;QACV,MAAM,EAAE;YACN,UAAU,EAAE,IAAI,CAAC,EAAE,UAAU,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,OAAO,CAAC,YAAY,EAAE,CAAC,CAAC,EAAE,CAAC;YACpF,KAAK,EAAE,IAAI,CAAC,EAAE,UAAU,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC;YAC1E,SAAS,EAAE,SAAS,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,CAAC;SACtD;QACD,EAAE,EAAE,MAAM,CAAC,KAAK,EAAE,mBAAmB,CAAC,YAAY,CAAC;QACnD,MAAM,EAAE;YACN,SAAS,EAAE;gBACT,KAAK,EAAE,GAAG,EAAE,CAAC,KAAK;gBAClB,MAAM,EAAE,GAAG,EAAE,CAAC,IAAI;gBAClB,MAAM,EAAE,GAAG,EAAE,CAAC,KAAK;gBACnB,MAAM,EAAE,GAAG,EAAE,CAAC,IAAI;aACnB;SACF;KACF,CAAC,CAAA;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,eAAe,CAC7B,MAA4B,EAC5B,aAAmC,EAAE;IAErC,MAAM,IAAI,GAAG;QACX,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS;QAC3B,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS;QACjC,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC,SAAS;QACjC,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,SAAS;KAC5C,CAAA;IAED,qGAAqG;IACrG,MAAM,KAAK,GAAoC;QAC7C,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,cAAc,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,UAAU,CAAC;QAC1D,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,iBAAiB,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC;QACvD,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,iBAAiB,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC;QACvD,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,sBAAsB,CAAC,MAAM,CAAC,YAAY,CAAC;KACjE,CAAA;IAED,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAA;AACxB,CAAC"}

package/dist/config/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/config/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,UAAU,EACV,oBAAoB,EAIrB,MAAM,YAAY,CAAA;AAEnB;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,UAAU,GAAG,oBAAoB,CAyD5E;AAED,YAAY,EAAE,UAAU,EAAE,oBAAoB,EAAE,CAAA;AAChD,cAAc,YAAY,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/config/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,UAAU,EAEV,oBAAoB,EAMrB,MAAM,YAAY,CAAA;AAmDnB;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,UAAU,GAAG,oBAAoB,CA+D5E;AAED,YAAY,EAAE,UAAU,EAAE,oBAAoB,EAAE,CAAA;AAChD,cAAc,YAAY,CAAA"}

package/dist/config/index.js

@@ -1,3 +1,41 @@
+/**
+ * Default better-auth model names. Used when the developer does not override
+ * `modelName`, preserving the historical `User`/`Session`/`Account`/`Verification`
+ * keys exactly.
+ */
+const DEFAULT_MODEL_NAMES = {
+    user: 'User',
+    session: 'Session',
+    account: 'Account',
+    verification: 'Verification',
+};
+/**
+ * Resolve a single better-auth model config block into its normalized form,
+ * falling back to the better-auth default model name and an empty column map.
+ * The model's Postgres schema is the per-model `schema` override when present,
+ * otherwise the plugin-level `schema` default (or `undefined` for `public`).
+ */
+function normalizeModelConfig(config, defaultModelName, defaultSchema) {
+    return {
+        modelName: config?.modelName || defaultModelName,
+        fields: config?.fields || {},
+        schema: config?.schema ?? defaultSchema,
+    };
+}
+/**
+ * Resolve the better-auth model config for all four auth models.
+ * `defaultSchema` is the plugin-level `schema` applied to every model unless a
+ * per-model `schema` override is given.
+ */
+function normalizeAuthModels(config) {
+    const defaultSchema = config.schema;
+    return {
+        user: normalizeModelConfig(config.user, DEFAULT_MODEL_NAMES.user, defaultSchema),
+        session: normalizeModelConfig(config.session, DEFAULT_MODEL_NAMES.session, defaultSchema),
+        account: normalizeModelConfig(config.account, DEFAULT_MODEL_NAMES.account, defaultSchema),
+        verification: normalizeModelConfig(config.verification, DEFAULT_MODEL_NAMES.verification, defaultSchema),
+    };
+}
 /**
  * Normalize auth configuration with defaults
  */
@@ -32,12 +70,17 @@ export function normalizeAuthConfig(config) {
     };
     // Session fields defaults
     const sessionFields = config.sessionFields || ['userId', 'email', 'name'];
+    // Resolve better-auth per-model config (modelName + field column maps).
+    // Defaults preserve the historical User/Session/Account/Verification keys.
+    const models = normalizeAuthModels(config);
     return {
         emailAndPassword,
         emailVerification,
         passwordReset,
         socialProviders: config.socialProviders || {},
         session,
+        models,
+        schema: config.schema,
         sessionFields,
         extendUserList: config.extendUserList || {},
         sendEmail: config.sendEmail ||

package/dist/config/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/config/index.ts"],"names":[],"mappings":"AAQA;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAkB;IACpD,8BAA8B;IAC9B,MAAM,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,EAAE,OAAO;QACvD,CAAC,CAAC;YACE,OAAO,EAAE,IAAa;YACtB,iBAAiB,EAAG,MAAM,CAAC,gBAAwC,CAAC,iBAAiB,IAAI,CAAC;YAC1F,mBAAmB,EAChB,MAAM,CAAC,gBAAwC,CAAC,mBAAmB,IAAI,IAAI;SAC/E;QACH,CAAC,CAAC,EAAE,OAAO,EAAE,KAAc,EAAE,iBAAiB,EAAE,CAAC,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAA;IAEhF,8BAA8B;IAC9B,MAAM,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,EAAE,OAAO;QACzD,CAAC,CAAC;YACE,OAAO,EAAE,IAAa;YACtB,YAAY,EAAG,MAAM,CAAC,iBAA6C,CAAC,YAAY,IAAI,IAAI;YACxF,eAAe,EACZ,MAAM,CAAC,iBAA6C,CAAC,eAAe,IAAI,KAAK;SACjF;QACH,CAAC,CAAC,EAAE,OAAO,EAAE,KAAc,EAAE,YAAY,EAAE,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,CAAA;IAE3E,0BAA0B;IAC1B,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,OAAO;QACjD,CAAC,CAAC;YACE,OAAO,EAAE,IAAa;YACtB,eAAe,EAAG,MAAM,CAAC,aAAqC,CAAC,eAAe,IAAI,IAAI;SACvF;QACH,CAAC,CAAC,EAAE,OAAO,EAAE,KAAc,EAAE,eAAe,EAAE,IAAI,EAAE,CAAA;IAEtD,mBAAmB;IACnB,MAAM,OAAO,GAAG;QACd,SAAS,EAAE,MAAM,CAAC,OAAO,EAAE,SAAS,IAAI,MAAM,EAAE,SAAS;QACzD,SAAS,EAAE,MAAM,CAAC,OAAO,EAAE,SAAS,IAAI,IAAI;KAC7C,CAAA;IAED,0BAA0B;IAC1B,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,MAAM,CAAC,CAAA;IAEzE,OAAO;QACL,gBAAgB;QAChB,iBAAiB;QACjB,aAAa;QACb,eAAe,EAAE,MAAM,CAAC,eAAe,IAAI,EAAE;QAC7C,OAAO;QACP,aAAa;QACb,cAAc,EAAE,MAAM,CAAC,cAAc,IAAI,EAAE;QAC3C,SAAS,EACP,MAAM,CAAC,SAAS;YAChB,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE;gBAC/B,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAA;gBAC/D,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;gBACxB,OAAO,CAAC,GAAG,CAAC,YAAY,OAAO,EAAE,CAAC,CAAA;gBAClC,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC,CAAA;YAC9B,CAAC,CAAC;QACJ,iBAAiB,EAAE,MAAM,CAAC,iBAAiB,IAAI,EAAE;QACjD,SAAS,EAAE,MAAM,CAAC,SAAS;KAC5B,CAAA;AACH,CAAC;AAGD,cAAc,YAAY,CAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/config/index.ts"],"names":[],"mappings":"AAWA;;;;GAIG;AACH,MAAM,mBAAmB,GAAG;IAC1B,IAAI,EAAE,MAAM;IACZ,OAAO,EAAE,SAAS;IAClB,OAAO,EAAE,SAAS;IAClB,YAAY,EAAE,cAAc;CACpB,CAAA;AAEV;;;;;GAKG;AACH,SAAS,oBAAoB,CAC3B,MAAmC,EACnC,gBAAwB,EACxB,aAAiC;IAEjC,OAAO;QACL,SAAS,EAAE,MAAM,EAAE,SAAS,IAAI,gBAAgB;QAChD,MAAM,EAAE,MAAM,EAAE,MAAM,IAAI,EAAE;QAC5B,MAAM,EAAE,MAAM,EAAE,MAAM,IAAI,aAAa;KACxC,CAAA;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,mBAAmB,CAAC,MAAkB;IAC7C,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAA;IACnC,OAAO;QACL,IAAI,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAAI,EAAE,aAAa,CAAC;QAChF,OAAO,EAAE,oBAAoB,CAAC,MAAM,CAAC,OAAO,EAAE,mBAAmB,CAAC,OAAO,EAAE,aAAa,CAAC;QACzF,OAAO,EAAE,oBAAoB,CAAC,MAAM,CAAC,OAAO,EAAE,mBAAmB,CAAC,OAAO,EAAE,aAAa,CAAC;QACzF,YAAY,EAAE,oBAAoB,CAChC,MAAM,CAAC,YAAY,EACnB,mBAAmB,CAAC,YAAY,EAChC,aAAa,CACd;KACF,CAAA;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAkB;IACpD,8BAA8B;IAC9B,MAAM,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,EAAE,OAAO;QACvD,CAAC,CAAC;YACE,OAAO,EAAE,IAAa;YACtB,iBAAiB,EAAG,MAAM,CAAC,gBAAwC,CAAC,iBAAiB,IAAI,CAAC;YAC1F,mBAAmB,EAChB,MAAM,CAAC,gBAAwC,CAAC,mBAAmB,IAAI,IAAI;SAC/E;QACH,CAAC,CAAC,EAAE,OAAO,EAAE,KAAc,EAAE,iBAAiB,EAAE,CAAC,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAA;IAEhF,8BAA8B;IAC9B,MAAM,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,EAAE,OAAO;QACzD,CAAC,CAAC;YACE,OAAO,EAAE,IAAa;YACtB,YAAY,EAAG,MAAM,CAAC,iBAA6C,CAAC,YAAY,IAAI,IAAI;YACxF,eAAe,EACZ,MAAM,CAAC,iBAA6C,CAAC,eAAe,IAAI,KAAK;SACjF;QACH,CAAC,CAAC,EAAE,OAAO,EAAE,KAAc,EAAE,YAAY,EAAE,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,CAAA;IAE3E,0BAA0B;IAC1B,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,OAAO;QACjD,CAAC,CAAC;YACE,OAAO,EAAE,IAAa;YACtB,eAAe,EAAG,MAAM,CAAC,aAAqC,CAAC,eAAe,IAAI,IAAI;SACvF;QACH,CAAC,CAAC,EAAE,OAAO,EAAE,KAAc,EAAE,eAAe,EAAE,IAAI,EAAE,CAAA;IAEtD,mBAAmB;IACnB,MAAM,OAAO,GAAG;QACd,SAAS,EAAE,MAAM,CAAC,OAAO,EAAE,SAAS,IAAI,MAAM,EAAE,SAAS;QACzD,SAAS,EAAE,MAAM,CAAC,OAAO,EAAE,SAAS,IAAI,IAAI;KAC7C,CAAA;IAED,0BAA0B;IAC1B,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,MAAM,CAAC,CAAA;IAEzE,wEAAwE;IACxE,2EAA2E;IAC3E,MAAM,MAAM,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAA;IAE1C,OAAO;QACL,gBAAgB;QAChB,iBAAiB;QACjB,aAAa;QACb,eAAe,EAAE,MAAM,CAAC,eAAe,IAAI,EAAE;QAC7C,OAAO;QACP,MAAM;QACN,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,aAAa;QACb,cAAc,EAAE,MAAM,CAAC,cAAc,IAAI,EAAE;QAC3C,SAAS,EACP,MAAM,CAAC,SAAS;YAChB,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE;gBAC/B,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAA;gBAC/D,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;gBACxB,OAAO,CAAC,GAAG,CAAC,YAAY,OAAO,EAAE,CAAC,CAAA;gBAClC,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC,CAAA;YAC9B,CAAC,CAAC;QACJ,iBAAiB,EAAE,MAAM,CAAC,iBAAiB,IAAI,EAAE;QACjD,SAAS,EAAE,MAAM,CAAC,SAAS;KAC5B,CAAA;AACH,CAAC;AAGD,cAAc,YAAY,CAAA"}

package/dist/config/plugin.d.ts

@@ -1,4 +1,4 @@
-import type { Plugin } from '@opensaas/stack-core';
+import type { Plugin } from '@opensaas/stack-core/extend';
 import type { AuthConfig } from './types.js';
 /**
  * Auth plugin for OpenSaas Stack

package/dist/config/plugin.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"plugin.d.ts","sourceRoot":"","sources":["../../src/config/plugin.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAClD,OAAO,KAAK,EAAE,UAAU,EAAwB,MAAM,YAAY,CAAA;AAKlE;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAgB,UAAU,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CA6FrD"}
+{"version":3,"file":"plugin.d.ts","sourceRoot":"","sources":["../../src/config/plugin.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,6BAA6B,CAAA;AAEzD,OAAO,KAAK,EAAE,UAAU,EAAwB,MAAM,YAAY,CAAA;AAKlE;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAgB,UAAU,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CAqJrD"}